<?php
require_once ('../config/path_config.php');
require_once(ROOTDIR."admin/admin-header.php");
require_once(ROOTDIR."common/db_utils.php");
require_once("../include/check_get_key.php");
$isAllow = isset($_SESSION['administrator']);
$isAllow |= isset($_SESSION['jgadmin']);

if ( !$isAllow ) {
    echo "<a href='../loginpage.php'>Please Login First!</a>";
    exit(1);
}

function checkAuth($rightStr) {
    $pList = array('viewcode_no_ac','viewcode_after_ac', 'parent');

    // 1. 教师可为学生添加在代码被成功AC后，查看其他人代码的权限
    if ( isset($_SESSION['xxadmin']) ) {

    }
    if ( isset($_SESSION['jgadmin']) ) {
        array_push($pList,'problem_editor','teacher', 'xxadmin');
    }

    if ( isset($_SESSION['administrator']) ) {
        array_push($pList,'jgadmin', 'xxadmin', 'teacher', 'problem_editor', 'problem_checker');
    }
    return in_array($rightStr, $pList);
}

if(isset($_GET['uid'])){
	$user_id=$_GET['uid'];
	$rightstr =$_GET['rightstr'];
	if ( ! checkAuth($rightstr) ) {
        echo "<br/><br/>";
        echo "不具备该权限!";
        exit(0);
    }
	$sql="delete from `privilege` where user_id=? and rightstr=?";
	$rows = DbUtil::getInstance()->query($sql, $user_id, $rightstr);
    echo "<br/><br/>";
	echo "用户: $user_id  权限：$rightstr 已删除!";
}
?>
